package com.maltys.controller;

import com.maltys.entity.Employee;
import com.maltys.service.IEmployeeService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.List;

/**
 * REST controller that serves employee lookups under the {@code /test} path.
 *
 * <p>Each handler forwards its request value to {@link IEmployeeService} exactly as
 * received; this class declares no validation, length limit or access check.
 * NOTE(review): whether authentication/authorization is applied elsewhere is not
 * visible from this file.
 */
@RestController
@RequestMapping("/test")
public class EmployeeController {
    /** Service every handler delegates to; populated by Spring field injection. */
    @Autowired
    private IEmployeeService employeeService;

    /**
     * Handles {@code GET /test/query}.
     *
     * @return whatever {@code employeeService.listAll()} returns
     */
    @GetMapping("/query")
    public List<Employee> employeeList() {
        final List<Employee> everyone = this.employeeService.listAll();
        return everyone;
    }

    /**
     * Handles {@code GET /test/query_id}.
     *
     * @param id value passed on to the service; it carries no binding annotation and is a
     *           boxed {@code Integer} (presumably {@code null} when the request omits it;
     *           confirm against the Spring configuration in use)
     * @return whatever {@code employeeService.getById(id)} returns
     */
    @GetMapping("/query_id")
    public Employee employeeList(Integer id) {
        final Employee match = this.employeeService.getById(id);
        return match;
    }

    /**
     * Handles {@code GET /test/query_name}. This endpoint implements the project's SQL
     * injection scenario; the example parameter given for it is: Tom' or '1'='1
     *
     * <p>{@code name} is handed to {@code employeeService.getByName} unchanged, so any
     * protection has to come from the code that builds the query, which is outside this
     * file. NOTE(review): if that code splices {@code name} into the statement text, the
     * example parameter above changes the query's condition; the fix belongs in the data
     * layer, by binding {@code name} as a statement parameter instead of concatenating it.
     *
     * @param name employee name taken from the request; untrusted input
     * @return whatever {@code employeeService.getByName(name)} returns
     */
    @GetMapping("/query_name")
    public Employee employeeList(String name) {
        final Employee match = this.employeeService.getByName(name);
        return match;
    }
}
